Some auxiliary modules are given below that are used to scan vulnerabilities.
1) SCANNING FOR MS17-010 VULNERABILITY:
We can use following commands in Metasploit to scan for MS17-010 vulnerability in target;
(msfconsole)
(use auxiliary/scanner/smb/smb_ms17_010)
(show options)
(set RHOSTS + network range of target) e.g. (set RHOSTS 192.168.8.70)
(run)
2) SCANNING FOR HEART BLEED VULNERABILITY:
We can detect heart bleed vulnerability on target system by using following commands in metasploit;
(msfconsole)
(use auxiliary/scanner/ssl/openssl_heartbleed)
(show options)
(set RHOSTS + ip of target) e.g. (set RHOSTS 192.168.8.4.-254)
(set RPORT + port of openssl service) e.g. (set RPORT 8443)
(set action SCAN)
(run)
3) SCANNING FOR BLUE KEEP VULNERABILITY:
We can scan blue keep vulnerability of target by using following commands in Metasploit;
(msfconsole)
(use auxiliary/scanner/rdp/cve_2019_0708_bluekeep)
(show options)
(set RHOSTS + ip of target) e.g. (set RHOSTS 192.168.8.4.)
(run)
Best tool are nmap, nessus, nikto, lynis, wapiti, openvas for vulnerability scanning. Metasploit is mainly used for exploiting vulnerabilities, but can find vulnerabilities also. I discussed few for example but you can use more modules in Metasploit for vulnerability analysis.